Frequently asked questions on using

How secure is my information?
Our organisation, platform, and UK data centres hold UKAS accredited ISO 27001:2103 certification. The data centres have a duplicate system failover in case of loss.

We also hold a number of other complementary accreditations and certifications because of our work with UK Government. This means we conduct regular CHECK penetration tests of the services and have additional responsibilities that go beyond ISO 27001. This gives our customers security and assurance in our solution and cloud services.

Read more about our security credentials.

Where is my data stored?
The data is stored in a UK Data Centre that like us, meets all the expected security accreditations including a UKAS Accredited ISO 27001:2013 certification. The data centre also has the new cloud provider ISO 27018 standard as well.
Is my data backed-up?
Data is automatically backed-up every 4-hours and we retain a full backup for one month.
If I want to terminate at the end of my subscription what happens to my data?
We retain your data for one month post termination. This gives you ample time to export or copy any information out of your environment.
Is it possible to download a full backup of all the data in For the purpose of a) maintaining our own backup of all ISMS related data, b) decides to discontinue its service and c) we decide to end our subscription.
The short answer is yes. We currently offer a range of exports, downloads etc and you can pull all your information off either during life or in the event you choose to unsubscribe. We are also soon to be releasing a ‘one click’ export option for authorised parties that would effectively provide your complete ISMS in one convenient zip file.
Are we able to extract, edit, and re-upload the policies you provide in the platform?
Editing is normally done online within the workspace provided (with full revision/audit trail). We recommend using this workspace wherever possible as you can create links to other relevant areas of the platform, making for a much-improved user experience. In some instances, you may choose to upload documents and yes, they can all be ‘checked-out’ to show other users they are being worked on and then uploaded as a new version.

Whichever method you choose to manage your policies, full revision history and version control is taken care of.

Can I upload my existing procedures and policies documents?
Yes. You can copy and paste them directly into the Notes areas within your ISO 27001 (or GDPR) framework, or you can upload a Word file. Either way, you’ll have a full audit trail of date, time and revisions.
What file formats can be uploaded into the platform?
Our platform supports all standard file formats including Word, Excel, pdf, video, sound, ppt, png, and many more.

You can also hyperlink to existing documentation in your Google Drive or Shared folders.

Can the information entered into the system be exported into say Excel? Can this be done individually for each section/table and globally for the entire system?
Our online platform is designed for easy team working and management overview, and as such, most of your ISMS work will be undertaken on the platform.

However, we recognise the need for external reporting and, therefore, there are a number of reporting and exporting options which produce in various MS Word, Excel and PDF options depending on the nature of the report being requested. You can print out the screen too using your browser print screen options, and relevant pages have been styled up. You can also export a report of the current policies and controls, with links to any documents identified too.

The important ones are the risk management, applicable legislation & interested parties tables – all are exportable to Excel.

Measurement and KPI reports are exportable too and, where start and due dates have been entered in your project, you have the ability to export to a Gantt chart if required.

What are the user types in the subscription?
Our cost effective solutions are based on usage, users and scope.

Your annual platform licence will come with a set number of ‘Regular’ users, subject to that scope, and will always have the option to add extras.

Regular users are those who will be accessing the platform on a regular basis to work on your ISMS. They would include, for example, policy creators, approvers, your ISMS management board, and maybe risk and incident owners too.

‘Occasional users’ would normally be associated with staff who may need to read policies or ISMS updates a handful of times a year, or who may be required to work on a short-term project such as an HR Induction Programme.

For those subscribing to the Staff Training Engagement package, which includes our popular Policy Pack feature, 15 occasional users come included as standard and there is an option to add extra if needed.

You can request your personalised quotation here.

Can I have access to a demo environment to ‘test-drive’?

Whilst our system is really easy and intuitive to use, it does cover a large and complex subject matter. It also contains a huge amount of IP in terms of our methodologies, policies and controls. For this reason, it’s currently not available in a test environment. We’d love to conduct a demo that we can record and if you love the system but are still worried, we’re happy to discuss trial periods.  Clearly, we all need to know what success looks like so that we can support you in achieving your goals.

Is there an on-premise version of the software or is there only a SaaS option?

We currently only promote our SaaS version of the software on the website. We can offer an on-premise option by exception but it is much more expensive than our SaaS offering for obvious reasons and would require some up front consulting work too. Our complete SaaS services start around just £300 per month for micro businesses whereas the on-premise starts at £50,000 GBP regardless of organisation size.

Do you support Common Controls?

The Common Controls are a way to harmonize differences in wording across the Authority Documents (ISO27K, NIST, HIPPA, SOX, etc.) and as such may be relevant to large, multi-national organisations.

The platform does not currently support Common Controls, however, we do support various frameworks and powerful linking between them.

See in action